<?php
/*
+--------------------------------------------------------------------------
|   AffiliStore 2
|   ========================================
|   Web: http://www.affilistore.com
|   Email: admin (at) affilistore (dot) com
|	License Type: AffiliStore 2 is NOT open source software and limitations apply 
|   Licence Info: Visit AffiliStore website and click on 'Licence'
+--------------------------------------------------------------------------
*/
// Authentication gate for this admin page.
// When the session is not flagged as logged in and the including script has
// not defined $adminPage, the shared auth include is pulled in (per the
// original note, it redirects to ../admin/).
// NOTE(review): auth.inc.php is not visible here - confirm it terminates the
// request after redirecting. If it only sends a Location header, the
// insert / update / delete handlers further down still run for a caller who
// is not logged in.
// NOTE(review): $adminPage must only ever be set by the including script,
// never be derivable from request input (e.g. register_globals) - confirm.
if($_SESSION['loggedIn'] == 0 && !isset($adminPage)){
include('../includes/auth.inc.php');
}


// include fck wysiwyg editor
// NOTE(review): FCKeditor is no longer maintained (superseded by CKEditor).
// Confirm that any upload / file-browser components shipped under
// includes/rte/ are disabled or only reachable behind the admin login.
include("includes/rte/fckeditor.php");








// add a news item
// NOTE(review): no anti-CSRF token is checked by this handler, and a failed
// query prints the raw MySQL error to the browser via die().
if (isset($_POST['nd_updated'])) {

	if (!empty($_POST['addThisPage'])) {

		// new items are stamped with local midnight of the current day
		$timeNow = mktime(0, 0, 0, date("m"), date("d"), date("Y"));

		// every value is passed through quote_smart() (defined outside this
		// file) before being placed in the statement; the SQL safety of this
		// insert depends entirely on that helper
		$sql = sprintf(
			"INSERT INTO affiliSt_news (name, timestamp, content) values (%s, %s, %s)",
			quote_smart($_POST['addThisPage']),
			quote_smart($timeNow),
			quote_smart($_POST['addContent'])
		);
		mysql_query($sql, $databaseConnect) or die(mysql_error());

	} else {
		// title missing: raise the flag read by the status banner below
		$error = 1;
	}
}












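// delete a news item
// The id arrives in the query string, so it is accepted only when it is a
// plain string of digits; arrays and any other value are ignored before SQL
// is built. quote_smart() (defined outside this file) is still applied.
// NOTE(review): this is a state change triggered by GET with no anti-CSRF
// token. Moving the delete to POST with a per-session token is the proper
// fix, but it needs matching changes to the delete links in the listing.
if (isset($_GET['delete']) && is_string($_GET['delete']) && ctype_digit($_GET['delete'])) {
	$sql = sprintf(
		"DELETE FROM affiliSt_news WHERE id = %s",
		quote_smart($_GET['delete'])
	);
	mysql_query($sql, $databaseConnect) or die(mysql_error());
}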












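// edit a news item
// NOTE(review): no anti-CSRF token is checked by this handler.
if (isset($_POST['nd_edited'])) {

	// editID comes back from a hidden form field, so it is client-controlled:
	// accept it only as a plain string of digits
	$editIdOk = isset($_POST['editID'])
		&& is_string($_POST['editID'])
		&& ctype_digit($_POST['editID']);

	// an empty title or an unusable id is reported through the same error
	// flag, so no UPDATE runs and no "News Edited" banner is shown
	if (empty($_POST['editThisPage']) || !$editIdOk) {
	$error = 1;

	// edit page
	} else {

	// values still go through quote_smart() (defined outside this file)
	$sql =  sprintf("UPDATE affiliSt_news SET name = %s, content = %s WHERE id = %s",
			   quote_smart($_POST['editThisPage']),
			   quote_smart($_POST['editContent']),
			   quote_smart($_POST['editID']));
	mysql_query($sql, $databaseConnect) or die(mysql_error());

	}
}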






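// pagination
$limit     = 30;
$totalrows = mysql_result(mysql_query("SELECT COUNT(id) FROM affiliSt_news"),0);

// The page number is request input. Force it to an integer >= 1 so that a
// missing, non-numeric, zero or negative value cannot produce a negative
// LIMIT offset (which makes the listing query fail) and so that only an
// integer is ever interpolated into the SQL below.
$page = (isset($_GET['page']) && is_scalar($_GET['page'])) ? (int) $_GET['page'] : 1;
if ($page < 1) {
$page = 1;
}

// PHP_SELF can carry client-supplied path info; it has to be HTML-escaped
// wherever it is printed.
$currentPage = $_SERVER["PHP_SELF"];

// zero-based row offset of the first item on the requested page
$limitvalue = ($page - 1) * $limit;



// full list ordered by name; not read again in the visible part of this file
$getCatNames = mysql_query("SELECT * FROM affiliSt_news ORDER BY name ASC");
$catNames = mysql_fetch_assoc($getCatNames);

// one page of items, newest first; the first row is fetched here and the
// listing loop further down continues from the same result set
$getTopCat = mysql_query("SELECT * FROM affiliSt_news ORDER BY timestamp DESC,id DESC LIMIT $limitvalue, $limit");
$topCat = mysql_fetch_assoc($getTopCat);
?>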
?>



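<?php
// status banner for the add / edit handlers above
// $error is assigned only when a handler rejected its input, so it is tested
// with isset() instead of reading an undefined variable on a plain page view
if (isset($error) && $error == 1) {
echo '<fieldset><strong style="color:red">ERROR: Fields must not be empty</strong></fieldset>';
} else {
	// news added report
	if (isset($_POST['nd_updated'])) {
	echo '<fieldset><strong style="color:green">News Added</strong></fieldset>';
	}

	// news edited report
	if (isset($_POST['nd_edited'])) {
	echo '<fieldset><strong style="color:green">News Edited</strong></fieldset>';
	}
}

?>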






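<?php
// edit news html
// Renders the edit form when ?edit=<id> is present, otherwise the add form.
// NOTE(review): neither form carries an anti-CSRF token.
if (isset($_GET['edit'])) {

// load the item being edited; the id is passed through quote_smart()
// (defined outside this file) before it reaches the statement
$sql =  sprintf("SELECT * FROM affiliSt_news WHERE id = %s",
           quote_smart($_GET['edit']));
$getEditCat = mysql_query($sql, $databaseConnect) or die(mysql_error());
$editCat = mysql_fetch_assoc($getEditCat);

// Everything printed into an HTML attribute below is escaped first. The id
// and the "p" parameter come straight from the query string and the title
// from the database; printed raw, a quote character in any of them would
// break out of the value="..." attribute.
$editNameAttr  = htmlspecialchars((string) $editCat['name'], ENT_QUOTES);
$editIdAttr    = is_string($_GET['edit']) ? htmlspecialchars($_GET['edit'], ENT_QUOTES) : '';
$oldParentAttr = (isset($_GET['p']) && is_string($_GET['p'])) ? htmlspecialchars($_GET['p'], ENT_QUOTES) : '';
?>

<fieldset style="border: 1px solid green;">
<legend>Edit News</legend>
<form action="index.php?ad=nd" method="post" name="editDetails">
<table cellpadding="4" cellspacing="0" border="0" width="100%">
<tr>
<td valign="top" align="left">
<label for="edit_page">News Title: </label>
</td>
<td valign="top" align="left">
<input name="editThisPage" type="text" class="adminInput" id="edit_page" value="<?php echo $editNameAttr ?>" />
</td>
</tr>
<tr>
<td valign="top" align="left" colspan="2">
<?php
// rich-text editor pre-filled with the stored body of the item
$oFCKeditor = new FCKeditor('editContent');
$oFCKeditor->BasePath = 'includes/rte/';
$oFCKeditor->Value = $editCat['content'];
$oFCKeditor->Create();
?>
</td>
</tr>
</table>
<input type="hidden" name="editID" value="<?php echo $editIdAttr; ?>" />
<input type="hidden" name="oldParent" value="<?php echo $oldParentAttr; ?>" />
<input type="hidden" name="nd_edited" value="yes" />
<input value="Edit News" type="submit" class="padSubmit" />
</form>
</fieldset>

<?php } else {
// add news html
?>

<fieldset>
<legend>Add News</legend>
<form action="index.php?ad=nd" method="post" name="updateDetails">
<table cellpadding="4" cellspacing="0" border="0" width="100%">
<tr>
<td valign="top" align="left">
<label for="add_page">News Title: </label>
</td>
<td valign="top" align="left">
<input name="addThisPage" type="text" class="adminInput" id="add_page" />
</td>
</tr>
<tr>
<td valign="top" align="left" colspan="2">
<?php
// empty rich-text editor for the body of the new item
$oFCKeditor = new FCKeditor('addContent');
$oFCKeditor->BasePath = 'includes/rte/';
$oFCKeditor->Value = "";
$oFCKeditor->Create();
?>
</td>
</tr>
</table>
<input type="hidden" name="nd_updated" value="yes" />
<input value="Add News" type="submit" class="padSubmit" />
</form>
</fieldset>

<?php } ?>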











<fieldset>
<legend>Current News Items</legend>

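<?php
// repeat news listings
// $topCat already holds the first row (or false when the page is empty) from
// the pagination query; each pass prints one item and fetches the next.
do {
	if ($topCat['id'] !== NULL) {
	// The title is stored text and is escaped before it is printed, so markup
	// saved in a title is shown literally instead of being interpreted. The
	// id is forced to an integer before it is placed in the link targets.
	$rowId   = (int) $topCat['id'];
	$rowName = htmlspecialchars((string) $topCat['name'], ENT_QUOTES);

	echo '<span style="color:#666666">'.date('d F Y', $topCat['timestamp']).'</span> - ';
	echo '<strong>'.$rowName.'</strong>
	[<a href="index.php?ad=nd&edit='.$rowId.'">edit</a>] ';
	// delete
	// NOTE(review): deletion is a plain GET link with no anti-CSRF token.
	echo '[<a href="index.php?ad=nd&delete='.$rowId.'">delete</a>]<br />';
	}
} while ($topCat = mysql_fetch_assoc($getTopCat));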




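// page numbers
// Prints "Prev 1 2 3 ... Next" when there is more than one page of items.
$numofpages = $totalrows / $limit;

// $currentPage is taken from PHP_SELF, which can contain client-supplied path
// info, so it is HTML-escaped once here before being written into any href.
$selfHref = htmlspecialchars($currentPage, ENT_QUOTES);

if ($numofpages > 1) {
	echo('<div id="pagLinks">');

	// previous page link
	if($page != 1){
	$pageprev = $page - 1;
	echo("<a href=\"$selfHref?ad=nd&page=$pageprev\">&lt; Prev</a> ");
	}else{
	echo("&lt; Prev ");
	}

	// one link per full page; the current page is printed as plain text
	for($i = 1; $i <= $numofpages; $i++){
		if($i == $page){
		echo($i." ");
		}else{
		echo("<a href=\"$selfHref?ad=nd&page=$i\">$i</a> ");
		}
	}

	// check for remainder results with %
	// ($i is now one past the last full page, i.e. the partial final page)
	if(($totalrows % $limit) != 0){
		if($i == $page){
		echo($i." ");
		}else{
		echo("<a href=\"$selfHref?ad=nd&page=$i\">$i</a> ");
		}
	}

	// next page link
	if(($totalrows - ($limit * $page)) > 0){
	$pagenext = $page + 1;
	echo("<a href=\"$selfHref?ad=nd&page=$pagenext\">Next &gt;</a>");
	}else{
	echo("Next &gt;");
	}

	echo('</div>');
}


?>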
</fieldset>